[1]Red Hat Home 

RHS333 Red Hat Enterprise Security: Network Services

Course Summary

   Red  Hat  Enterprise  Linux  has  gained  considerable momentum as the
   operating system of choice for deploying network services such as web,
   ftp,  email,  and  file  sharing.  Red  Hat's RHCE curriculum provides
   training  in deploying these services and on the essential elements of
   securing them.

RHS333 Red Hat Enterprise Security: Network Services Description


   The   audience   for   this  course  includes  system  administrators,
   consultants,  and other IT professionals responsible for the planning,
   implementation, and maintenance of network servers. While the emphasis
   is  on  running  these  services  on Red Hat Enterprise Linux, and the
   content and labs will assume its use, system administrators and others
   using  proprietary  forms  of Unix may also find many elements of this
   course relevant.


     * [57]RH253,  [58]RH300,  or  RHCE  certification or equivalent work
       experience is required for this course.
     * Course  participants should already know the essential elements of
       how  to  configure  the  services  covered, as this course will be
       focusing on more advanced topics from the outset.



[59]Training Units (TUs):

   9 TUs


   4 days
   Training Start Time: 9:00 a.m.
   Training End Time: 4:30-5:00PM (depending on class progress)

What you will learn:

   RHS333 goes beyond the essential security coverage offered in the RHCE
   curriculum and delves deeper into the security features, capabilities,
   and  risks  associated with the most commonly deployed services. Among
   the   topics  covered  in  this  four-day,  hands-on  course  are  the
    1. Mastering basic service security
          + Review of host security
          + Advanced TCP wrappers configuration
          + Advanced xinetd configuration
    2. Understanding cryptography
          + Overview of cryptographic techniques
          + Management of SSL certificates
    3. Logging system activity
          + Clock synchronization with NTP
          + Configuring centralized syslog management
    4. Securing BIND and DNS
          + Name server topology and "views"
          + Configuration of appropriate recursion and response policies
          + Using TSIG authentication keys
          + Running BIND in a chroot environment
    5. Network user authentication security
          + Managing portmap and NIS risks
          + Using Kerberos authentication
    6. Improving NFS security
          + NFS security limitations
          + Configurations to avoid
    7. The secure shell: OpenSSH
          + Protocol and service security
          + Protecting public-key authentication
          + Port-forwarding and X11-forwarding issues
    8. Securing E-mail with Sendmail and Postfix
          + User mail spool access issues
          + Overview of Postfix configuration
          + Access control and STARTTLS
          + Anti-spam features
          + Introduction to Procmail
    9. Managing FTP access
          + Controlling local and anonymous users
   10. Apache security
          + User authentication and access control
          + Common misconfigurations
          + Containing CGI risks
   11. Basics of intrusion response
          + Monitoring for suspicious activity
          + Verifying suspected intrusions
          + Recovering from an intrusion

RHS333 Training Schedule and Locations

   Copyright  2005 Red Hat, Inc. All rights reserved.